+44 207 488 9947
Legal Updates
Data Protection - ICO Guidance – Personal Information – Data Security – Deleting Personal Data – Data Protection Act 1998
The Information Commissioner’s Office (“ICO”) recently published guidance on deleting personal data under the Data Protection Act 1998 (“DPA”) ensuring compliance with the fifth data protection principle.
The ICO’s guidance addresses the distinction that many organisations make in practice, between deleting information and archiving it.
Fifth Principle
Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
The guidance can be found here, but some of the key points are as follows:
- Data that is archived must still comply with the rules of data protection.
- It is important to provide clear information to individuals about the process that will occur when e.g. their online accounts are closed and if their data will be irretrievably deleted or simply archived.
- It is important to be clear with individuals about whether deletions are irretrievable or if the organisation will have a method of recovering and re-instating the data.
- Compliance issues with the DPA are no longer in effect when the data is no longer “live,” meaning the data has been put “beyond use” and is in a queue for deletion.
o Data is “beyond use” when it is inaccessible to any data controllers within the organisation and to external parties; the data is secured with the appropriate technical and organisational safeguards; and is committed to deletion at the earliest convenience.
o The ICO is aware that in certain circumstances, deletion of data is not always a straightforward task. In such instances, efforts by the organisation to put the data “beyond use” are encouraged by the ICO.
You may contact us by email [email protected]. Visit http://www.rtcoopers.com/practice_dataprotection.php
© RT COOPERS, 2012. This Briefing Note does not provide a comprehensive or complete statement of the law relating to the issues discussed nor does it constitute legal advice. It is intended only to highlight general issues. Specialist legal advice should always be sought in relation to particular circumstances.
- Testimonial - MPharm Student
22-09-2024 - MODERNA V. PFIZER/BIONTECH
28-08-2024 - Patents - Artificial Intelligence
05-07-2024 - Case Study : OSCE Retake
26-06-2024 - IBM vs LZLABS report by D Corbin
20-05-2024 - Case Study : Biomedical Science
14-03-2024 - Case study : MSc Nursing Student
22-02-2024 - Case Study : Accused of Plagiarism
09-11-2023 - Testimonial : MBBS Resit Failure
05-11-2023 - Case Study : MBBS Professionalism
01-11-2023 - Pre-packed Food Labelling Deadline
26-10-2023 - Case Study : MBBS withdrawal
14-10-2023 - Case Study : MPharm appeals
18-09-2023 - Case Study : Academic Malpractice
07-09-2023 - Case Study : PGCert to MSc
16-08-2023
